Do Baltimore Woes Signal End of PKI?

This site may earn affiliate commissions from the links on this page. Terms of use.

Public-key infrastructure has taken its lumps for years, as have its users. But when CEO Fran Rooney walked out the door of PKI vendor Baltimore Technologies plc., in Dublin, Ireland, last week, many saw it as the beginning of the end for the technology.

Now more than ever, customers–who have watched Baltimore and other PKI vendors such as RSA Security Inc. and Entrust Inc. suffer endless ups and downs–are wondering where all this turmoil is going to leave them and their costly PKI projects.

For many, the choice now is frequently driven not by who has the best technology but by who has the best support and the best chance of staying in business through the notoriously long implementation cycle. And for a growing number of IT shops, the choice has been to sidestep PKI entirely.

“We did the whole evaluation, but I wasn’t overwhelmed,” said an IT manager at a large East Coast financial services company. “I couldn’t see the need because this is a technology that impacts everything across the enterprise, and there was no compelling application to drive it.”

Even users willing to stay the course with PKI are now looking for more technology than vendors such as Baltimore have to offer. “When we went to make our decision, it came down to the fact that Entrust had a full suite of products and Baltimore had one,” said a security specialist who asked to remain anonymous. “That’s their problem.”

Entrust, of Plano, Texas, is working to diversify its offerings, moving into enhanced PKI services as well as token-based authentication and virtual private networks. CEO Bill Conner said that the time when a vendor could survive on PKI alone had passed.

“Customers are looking at what you can do with it,” Conner said. “People aren’t just buying [PKI] by the boatload. You can’t live on [PKI] alone.”

To answer such critics, Baltimore is also moving quickly toward offering its services on a subscription basis in an effort to create a more predictable revenue stream and will likely expand its product portfolio. Sources said Baltimore is trying to reduce upfront costs by offering users a hosted service that can later become an in-house service. More announcements are due next month.

However, officials said the com pany must get through its current restructuring effort and CEO search before any significant strategy shifts can be put in place. Analysts say the com pany may be ripe for a buyout.

“Our immediate focus is to push forward with the restructuring to make sure that Baltimore is on a good footing,” said Paul Sanders, Baltimore’s chief financial officer and interim CEO.

Baltimore, often regarded as having some of the best technology in the industry, has since the beginning of the year been caught in a spiral of falling revenue and plummeting stock value. Both have led to layoffs and a scramble to reshape the company. Baltimore officials plan to announce the details of the organizational changes in August.

“In my mind, there’s no question Baltimore has great technology,” said Baltimore Unicert user Dave Croston, president and CEO of MVPN LLC, in Warwick, R.I. “But the issue still is, it isn’t easy to implement [nor is it] a low-cost expenditure upfront.”

Rooney’s departure is seen by many as a bad sign not just for Baltimore but for the PKI market in general. After buying Baltimore five years ago, Rooney transformed what was then a small security service company into one of the top players in the security industry. He was one of the chief evangelists of the virtues of PKI, but his sudden departure in the midst of Baltimore’s troubles is not a ringing endorsement of the technology.

Even companies such as Entrust, with more diversified product lines, have found customers unwilling to commit to costly and time-consuming PKI deployments without a full set of applications and support.

“We have 60,000 users, and I don’t want to bring in an expensive infrastructure and then have to go back and redo my applications myself,” the financial services IT manager said.

This site may earn affiliate commissions from the links on this page. Terms of use.

ExtremeTech Newsletter

Subscribe Today to get the latest ExtremeTech news delivered right to your inbox.

Email

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our
Terms of Use and
Privacy Policy. You may unsubscribe from the newsletter at any time.